package open.tech.dawn.core.util;

import cn.hutool.core.util.StrUtil;

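/**
 * Minimal string-level XSS neutraliser and its inverse.
 *
 * <p>{@link #cleanXSS(String)} rewrites a fixed set of characters as HTML entities and strips two
 * keyword patterns; {@link #reduceXSS(String)} turns those entities back into the raw characters.
 *
 * <p>Limitations a caller has to account for:
 * <ul>
 *   <li>{@code &} and {@code "} are not encoded, so the result is only appropriate for HTML text
 *       content. Attribute values, script blocks, URLs and CSS need encoding applied at the
 *       output sink for that specific context.</li>
 *   <li>Because {@code &} is left alone, input that already spells out one of the entities cannot
 *       be told apart from encoded output. {@link #reduceXSS(String)} may therefore return markup
 *       characters that {@link #cleanXSS(String)} never saw; treat its result as untrusted.</li>
 *   <li>The {@code script} keyword is removed once, case-sensitively, wherever it occurs, which
 *       also alters ordinary words that contain it and cannot be undone.</li>
 * </ul>
 */
public class XssUtil {

    /**
     * Encodes {@code < > ( ) '} as HTML entities and strips {@code javascript:} / {@code script}
     * keywords from the given text.
     *
     * <p>Entities are emitted in their valid form ({@code &lt;}, {@code &#40;}, ...). The earlier
     * spelling with a space after the ampersand ({@code "& lt;"}) is not an entity and was shown
     * to users literally.
     *
     * @param value text to neutralise; may be {@code null}
     * @return the neutralised text, or {@code value} itself when it is {@code null} or empty
     */
    public static String cleanXSS(String value) {
        if (value == null || value.isEmpty()) {
            return value;
        }
        // Literal replacements: String.replace avoids compiling a regex for each character.
        String cleaned = value
                .replace("<", "&lt;")
                .replace(">", "&gt;")
                .replace("(", "&#40;")
                .replace(")", "&#41;")
                .replace("'", "&#39;");
        // The former eval\((.*)\) removal was dropped: parentheses are already encoded at this
        // point, so that pattern could never match.
        // Single quotes are encoded above as well, so only double quotes can delimit a match here.
        cleaned = cleaned.replaceAll("[\\\"\\'][\\s]*javascript:(.*)[\\\"\\']", "\"\"");
        // Single, case-sensitive pass (see class comment for what that does not cover).
        return cleaned.replace("script", "");
    }

    /**
     * Reverses the entity encoding applied by {@link #cleanXSS(String)}.
     *
     * <p>Both the valid entities and the legacy spaced spelling ({@code "& lt;"}) are decoded, so
     * values encoded before the spelling was corrected still round-trip. Keywords removed by
     * {@link #cleanXSS(String)} are not restored.
     *
     * <p>The result contains raw {@code < > ( ) '} characters and must be encoded again before it
     * is written into HTML.
     *
     * @param value text to decode; may be {@code null}
     * @return the decoded text, or {@code value} itself when it is {@code null} or empty
     */
    public static String reduceXSS(String value) {
        if (value == null || value.isEmpty()) {
            return value;
        }
        return value
                .replace("&lt;", "<").replace("& lt;", "<")
                .replace("&gt;", ">").replace("& gt;", ">")
                .replace("&#40;", "(").replace("& #40;", "(")
                .replace("&#41;", ")").replace("& #41;", ")")
                .replace("&#39;", "'").replace("& #39;", "'");
    }

}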
